
AACS

From DigiWiki

(Difference between revisions)
(New page: AACS (Advanced Access Content System) is a form of DRM (copy protection) that is being used by both Blu-ray and HD DVD high definition DVD formats. Is is licensed by the AACS L...)
(Background)
 
(One intermediate revision not shown)
Line 9: Line 9:
[[Image:800px-AACS_Decryption_Diagram.svg.png|right|thumb|Typical AACS decryption chain.]]
[[Image:800px-AACS_Decryption_Diagram.svg.png|right|thumb|Typical AACS decryption chain.]]
-
{{main|Advanced Access Content System}}
+
The AACS Licensing Authority (LA) assigns a series of 253 unique cryptographic keys to device manufacturers. When an AACS protected disc is manufactured, a series of up to 64 keys called title keys are generated and the video content on the disc is encrypted using these keys. The title keys are stored on the disc and themselves encrypted with another key called the volume unique key. The volume unique key for any disc can be calculated by all authorized devices using another key called a processing key, which is derived from a media key block stored on each disc. Authorized devices use one or more of the manufacturer's assigned device keys to decrypt the media key block, yielding a processing key and enabling further decryption of the volume and title keys, and finally the content.
-
The AACS Licensing Authority (LA) assigns a series of 253 unique [[cryptographic key]]s to device manufacturers. When an AACS protected disc is manufactured, a series of up to 64 keys called title keys are generated and the video content on the disc is encrypted using these keys. The title keys are stored on the disc and themselves encrypted with another key called the volume unique key. The volume unique key for any disc can be calculated by all authorized devices using another key called a processing key, which is derived from a media key block stored on each disc. Authorized devices use one or more of the manufacturer's assigned device keys to decrypt the media key block, yielding a processing key and enabling further decryption of the volume and title keys, and finally the content.<ref name="arnezami">{{cite web|url=http://forum.doom9.org/showthread.php?t=122363|title=Understanding AACS (including Subset-Difference)|author=arnezami|date=[[2007-02-17]]|accessdate=2007-03-18}}</ref>
+
If a device key is to be revoked, the media key blocks on all discs manufactured after the time of revocation are encrypted in a way which does not enable the revoked device to obtain a valid processing key. Users trying to view new content on a revoked player would be forced to upgrade their player software to a more secure version, thereby limiting the scope of the compromise each time an exploit is discovered.
-
If a device key is to be revoked, the media key blocks on all discs manufactured after the time of revocation are encrypted in a way which does not enable the revoked device to obtain a valid processing key.<ref name="AACS-cce">{{cite web|url=http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf|title=Introduction and Common Cryptographic Elements|author=AACS-LA|format=PDF|accessdate=2007-03-22}}</ref> Users trying to view new content on a revoked player would be forced to upgrade their player software to a more secure version, thereby limiting the scope of the compromise each time an exploit is discovered.<ref name="Betanews">{{cite web|url=http://www.betanews.com/article/Studios_Take_Claims_of_AACS_Crack_Seriously/1167427818|title=
+
[[Category:Glossary]]
-
Studios Take Claims of AACS Crack Seriously|date=[[2006-12-29]]|author=Scott M. Fulton, III|publisher=''BetaNews''| accessdate=2007-01-02}}</ref><ref name="Reghardware">{{cite web|url=http://www.reghardware.co.uk/2006/12/28/hddvd_crypto_cracked/|title=
+
-
HD DVD anti-rip encryption cracked|date=[[2006-12-28]]|author=Tony Smith|publisher=''The Register''| accessdate=2007-01-02}}</ref> While a compromised device or processing key could be used to decrypt a large number of discs, BackupHDDVD does not use these keys because they can be revoked by AACS LA. Because the AACS revocation system works by preventing a given device or player from calculating a valid volume unique key, BackupHDDVD circumvents the system entirely by relying on volume or title keys leaked from authorized players. With these keys BackupHDDVD is not subject to device revocation and is able to decrypt the content directly, bypassing the key exchange and verification process.<ref name="arnezami" /><ref name="RegisterBeyondRevo">{{cite web|url=http://www.theregister.co.uk/2007/05/04/aacs_crack/|title=Latest AACS crack 'beyond revocation'|author=John Leyden|publisher=''The Register''|date=[[2007-04-04]]|accessdate=2007-05-05}}</ref><ref name="ArsCantHack">{{cite web|url=http://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html|title=New AACS cracks cannot be revoked, says hacker|author=Jeremy Reimer|publisher=''Ars Technica''|date=[[2007-03-15]]|accessdate=2007-05-05}}</ref>
+
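Review bot: the added paragraphs keep the figures of 253 device keys and up to 64 title keys but drop every <ref> citation the removed text carried (arnezami, AACS-cce, Betanews, Reghardware), so those claims are now unsourced. Keep at least the arnezami and AACS-cce references, or link the source article, since {{main|Advanced Access Content System}} is removed in the same change and the page otherwise only says "From Wikipedia entry for BackupHDDVD".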

Current revision as of 08:09, 4 August 2007

AACS (Advanced Access Content System) is a form of DRM (copy protection) that is being used by both Blu-ray and HD DVD high-definition DVD formats. It is licensed by the AACS LA (License Authority).

AACS uses AES (Advanced Encryption Standard) for encryption.

Background

From Wikipedia entry for BackupHDDVD

Typical AACS decryption chain.

The AACS Licensing Authority (LA) assigns a series of 253 unique cryptographic keys to device manufacturers. When an AACS protected disc is manufactured, a series of up to 64 keys called title keys are generated and the video content on the disc is encrypted using these keys. The title keys are stored on the disc and themselves encrypted with another key called the volume unique key. The volume unique key for any disc can be calculated by all authorized devices using another key called a processing key, which is derived from a media key block stored on each disc. Authorized devices use one or more of the manufacturer's assigned device keys to decrypt the media key block, yielding a processing key and enabling further decryption of the volume and title keys, and finally the content.

If a device key is to be revoked, the media key blocks on all discs manufactured after the time of revocation are encrypted in a way which does not enable the revoked device to obtain a valid processing key. Users trying to view new content on a revoked player would be forced to upgrade their player software to a more secure version, thereby limiting the scope of the compromise each time an exploit is discovered.
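The key chain and the revocation rule described above can be modelled in a few lines. This is an added example, not code from the wiki page or from AACS LA. It assumes a simplified layout in which the media key block is one wrapped copy of the processing key per non-revoked device key and the volume unique key is wrapped under the processing key, and it uses a hash-based toy wrap as a stand-in for AES; all function and field names are hypothetical.

```python
import hashlib, hmac, os

def wrap(key, secret):
    # Toy authenticated wrap of a 16-byte key; a stand-in for AES, not the AACS construction.
    nonce = os.urandom(16)
    stream = hashlib.sha256(key + nonce).digest()[:16]
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()[:8]

def unwrap(key, blob):
    # Returns the wrapped key, or None when `key` is not the key the blob was wrapped under.
    nonce, ct, tag = blob[:16], blob[16:32], blob[32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, good):
        return None
    stream = hashlib.sha256(key + nonce).digest()[:16]
    return bytes(a ^ b for a, b in zip(ct, stream))

def master_disc(device_keys, revoked, title_key):
    # Assumed layout: the media key block is modelled as one wrapped copy of the
    # processing key per non-revoked device key.
    processing_key, volume_unique_key = os.urandom(16), os.urandom(16)
    return {
        "media_key_block": [wrap(dk, processing_key)
                            for name, dk in device_keys.items() if name not in revoked],
        "wrapped_vuk": wrap(processing_key, volume_unique_key),
        "wrapped_title_key": wrap(volume_unique_key, title_key),
    }

def recover_title_key(device_key, disc):
    # Device key -> processing key -> volume unique key -> title key.
    for entry in disc["media_key_block"]:
        processing_key = unwrap(device_key, entry)
        if processing_key is not None:
            vuk = unwrap(processing_key, disc["wrapped_vuk"])
            return unwrap(vuk, disc["wrapped_title_key"])
    return None

def demo():
    keys = {"player_a": os.urandom(16), "player_b": os.urandom(16)}  # constructed sample keys
    title_key = os.urandom(16)
    old_disc = master_disc(keys, revoked=set(), title_key=title_key)
    new_disc = master_disc(keys, revoked={"player_b"}, title_key=title_key)
    return {(name, label): recover_title_key(dk, disc) == title_key
            for name, dk in keys.items()
            for label, disc in (("old", old_disc), ("new", new_disc))}

if __name__ == "__main__":
    for (name, label), ok in demo().items():
        print(name, label, "plays" if ok else "cannot derive keys")
```

In this model the revoked player still derives keys for the disc mastered before revocation, which is why the text limits the effect to discs manufactured after the time of revocation.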